The company’s Chrome and Android technologies continued to be target-rich environments for security researchers from around the world.
Bug-bounty programs can sometimes say as much about an organization’s willingness to work with external security researchers to identify and fix security vulnerabilities in their products as it does about their potential exposure to potential attacks targeting their technologies.
By that measure, Google’s Android, Chrome, and Play platforms continue to be vulnerability-rich environments for bad actors to target. Last year, Google paid a record $8.7 million in rewards to 696 third-party bug hunters from 62 countries who discovered and reported thousands of vulnerabilities in the company’s technologies.
That amount represented a near 30% increase from the $6.7 million in rewards that Google paid bug hunters in 2020. Some of the increase had to do with higher payouts for certain kinds of bug discoveries. But a lot also had to do with the relatively high number of flaws that researchers are continuing to unearth in some of Google’s core technologies. Read more:https://bit.ly/3H0mQAh